Passwords aren't going anywhere yet, should last until 2025

Despite moves towards two-factor and biometric authentication methods, the humble password remains the most common form of protection used online. The often-loathed strings of characters won't be phased out for another 10 years, according to a study.

Savas Keskiner/E+/Getty Images

As ZDNet reports, Wakefield Research and SecureAuth surveyed 308 employees of IT and cybersecurity firms. 91 percent said they expect to see passwords largely rendered obsolete by 2025, joining cables, cords and dedicated remote controls in becoming a technology that will be superseded by less annoying solutions within the next decade.

Passwords are already starting to head towards decline. With new cyberattacks occurring every day, new methods have had to be devised to protect personal data. Often, these can also make the login process simpler, making it more likely that people will want to use them. Fingerprint readers are becoming increasingly common on high-end smartphones, alongside other forms of biometric recognition such as iris or facial scanning.

The study found these developments aren't keeping up with the increasing sophistication of cyber-attacks though. 59 percent of the IT professionals surveyed said they had experienced a data breach within the past 12 months. 95 percent expected to increase security spending over the next 12 months.

The extra cash is headed primarily for preventative measures such as enhanced login security rather than deposits set aside to deal with the aftermath of a cyber-attack. However, 62 percent of the respondents said they still spend more on systems for use after the event of an attack rather than before.

As new authentication methods have yet to become as commonplace as passwords, the humble string of letters and numbers continues to prevail in the workplace. Companies are beginning to investigate other technologies though, in part because passwords carry more issues than just their comparatively weak protection.

The phrases are often forgotten by employees who then waste time trying to remember their login credentials or getting somebody else to reset their account. Eighty-five percent of the IT staff surveyed by SecureAuth said they receive frequent contact from hapless staff who have forgotten their password. Thirty-seven percent claimed this happens "all the time."

The cybersecurity experts involved in the study clearly voiced a shared belief that new technologies are the way forward. 97 percent said they consider new authentication techniques such as fingerprint scanning and two-factor authentication to be reliable, although 81 percent also thought the new tech is restricted by a requirement for new hardware and software to be bought.

Craig Lund, CEO of SecureAuth, commented on the findings of the study. He said: "This survey very clearly indicates there is an appetite for multi-factor authentication solutions beyond the traditional password. Advances in Adaptive Authentication have brought to market a number of options that help users stay both secure and productive by layering multiple methods, such as device recognition, analysis of the physical location of the user, or even by using behavioral biometrics to continually verify the true identity of the end user."

He added: "Integrating these types of solutions may take a little time, and a redirection of budget - but I'm hard-pressed to think of a worthwhile cybersecurity endeavor that doesn't In this day and age, proactivity is much more important than reactivity."

Passwords look set to stay with us for some time to come then but plans are being made for a future without them. Over the next few years, technology companies operating in both the consumer and enterprise spaces are likely to push their users towards adding extra security to their accounts, enforcing protection methods such as two-factor authentication and adding support for fingerprint and visual recognition sensors on devices that have them.